AV software changes all the time, I definitely recall cases where AV got
interested in, eg, web browser caches and ended up corrupting things. But
that might be because it knew the files were written by a web browser.
Lightly frying the contents has the disadvantage of no mmap and no
sendfile() in future. Perhaps an idea to stash in our back pockets if it
turns out to be needed later.


On Tue, Apr 9, 2013 at 9:25 PM, Gregory Maxwell <gmaxwell@gmail.com> wrote:

> On Tue, Apr 9, 2013 at 7:39 AM, Caleb James DeLisle
> <calebdelisle@lavabit.com> wrote:
> > what anti-virus software might do when certain streams of bytes are sent
> across
> > the tcp socket or persisted to disk. Perhaps worth contacting an AV
> company and
> > asking what is the smallest data they have a signature on.
>
> I stuffed the testnet chain full of the EICAR test string and it
> hasn't triggered for anyone— it seems that (most?) AV tools do not
> scan big binary files of unknown type.. apparently.
>
> If we encounter a case where they do we can implement storage
> scrambling: E.g. every node picks a random word and all their stored
> data is xored with it.
>
>
> ------------------------------------------------------------------------------
> Precog is a next-generation analytics platform capable of advanced
> analytics on semi-structured data. The platform includes APIs for building
> apps and a phenomenal toolset for data science. Developers can use
> our toolset for easy data analysis & visualization. Get a free account!
> http://www2.precog.com/precogplatform/slashdotnewsletter
> _______________________________________________
> Bitcoin-development mailing list
> Bitcoin-development@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/bitcoin-development
>